SysCSec - Early Analysis of Security Threats by Modeling and Simulating Power and Timing Attacks in SystemC
Side-channel attacks (SCA) enable attackers to gain access to non-disclosed information by measuring emissions of a system, for example, electromagnetic waves or power consumption. In many existing design processes, the emissions of a system can only be measured on the final system. As a consequence, the analysis of such security threats is often only possible at a very late stage in the development process. In this project, we investigate an approach to simulate SCA in early stages of the development process. The key idea of our approach is threefold: First, we use the powerful system level design language SystemC to provide a detailed model of side channel information, e.g., of the power consumption or timing behavior of a given system. Second, we provide a graphical visualization and analyze the power consumption or timing behavior. Third, we have developed predefined attacker modules in SystemC. Together, we provide a framework to simulate and analyze whether known power or timing attacks are successful on a given system.
A preliminary implementation of our SysCSec Framework is licensed under GPL and freely available. SysCSec demonstrates the applicability of our approach by modeling and simulating a simple power attack (SPA) on a system that uses elliptic curve cryptography (ECC), a differential power attack on a system that uses RSA encryption, and a cross-correlation analysis on the same system. SysCSecT demonstrates timing attacks with varying granularity of timing models.